Communication security and counter surveillance

From DevSummit
Revision as of 18:28, 5 May 2015 by Vivian
  * Examples of stuff we'd like protected
     * Occupy participants are using well-designed collaboration tools (Google Docs)
     * Healthcare demographics 
     * Open communication in activism without being cornered
     * Want to know about things we should be aware of but currently aren't
     * Raising privacy awareness among the younger generation
     * video chat
     * security training for activists
     * email
     * Blocking of information - why is this happening
     * Protection of identity on the internet
     * Be more cognizant of what I'm sharing, and how to share this with partners
     * People of alternative lifestyles remain protected from judgement and prosecution
     * Usable tools while not giving up privacy/security
     * Anonymization of common discussion tools
     * Protecting people's rights when it comes to citizenship and youth
     * Creating a better language in how you talk to others about what they should be worried about
     * Trust based web-services vs. convenience
     * A social graph is a powerful tool for organizing, but also problematic
  * The US Government has devoted a lot of resources to mapping the social network of citizens of the United States and the transaction logs of mobile phones
  * There haven't been major abuses, but this may not hold - do we trust the "benevolent" government?
  * The government is sanctioning the FBI to deny "more documentation works" - 20 year policy
     * This could be applied to other agencies
     * This might not be being used on a wide scale, but this may be a belief vs. truth 
  * Facebook may be closer to the US government vs. Mugabe's government, and your privacy is set by the company, not by you
     * The state is not built to protect you
     * The framework is not either
  * Misinformation may not work - they may be able to determine real patterns and behaviors from your activity, despite your trying to mislead and hide it
     * The more data they get, the better they can get detailed information
  * The Law is not currently giving the protection needed
     * Technology has not been able to provide this protection either
  * Government Transparency
     * Egypt broke into the Egyptian secret service and released a bunch of documents - a bit dangerous and yet important
     * Laws are going the wrong direction at the moment
        * The US has the ability to put a tracker on any car without a warrant
  * Officers are agreeing that the system is broken
  * Need to try and solve the problem ourselves
  * The government says that social activity is "metadata" and not content; content needs a warrant, metadata does not. It is arguable that metadata is content, as details about you can be inferred from that studied behavior.
  * Going to a hospital requires signing a privacy policy where there is an exception for national security
     * The government can just knock and ask for it
  * Section 215 of the Patriot Act
  * If you have to use a convenience system, you might try limiting your use of it in favor of more secure options
     * Riseup might be a good option, but if you become dependent on the legal entity, Google might be the better option for your protection
  * When organizing
     * Trade off of functionality vs. security/privacy 
     * Crowdgrass - good option for anonymized doc sharing
     * Hushmail - bad choice for privacy
     * Riseup - a better choice for email privacy
     * SSD.eff.org (Surveillance Self-Defense)
     * FLOSS manual
  * Personal digital security
     * Use FOSS OS & software
     * Install from a package manager which has a strong validation system
  * Encryption just means you are protected, for a while
     * If they get your key, then they have full access
  * What about entrusting the hardware
     * Don't buy hardware with a credit card and ensure it's not obvious where the hardware is going
  * We leave electronic fingerprints all the time
  * People who are at the highest risk (immigrants, etc.) may not have the skills or access to use these privacy options (both in knowledge and pricing)
     * Free software is "free" - except for time
     * Be thoughtful in your choice - e.g., purchasing a netbook vs. a MacBook Air
     * Work on making sure people understand these risks in their life
     * Encourage safety and offer free tools
  * Corporations may not have our best interest in mind, or they may not have the choice and may have to comply with government summons
  * Security options - trading tools
     * Trade cell phones
     * Trade grocery coupon cards
  * Resources
     * Riseup
     * iPhone - private GSM - also for Nokia, Android, BlackBerry - VoIP service
     * Redphone
     * Textsecure - encrypted text messages - Android
     * Tor
  * Be wary of iPhones and Androids for secured communication - serious security concerns
  * The technology is only as secure as our social network/connections
  * The hardware on smart phones can control your phone, despite the use of free software on your mobile phone
     * Don't turn off your cellphone; it could be seen as suspicious activity. Instead, leave it at home, put it in a bathroom, turn on music, etc.
  * The real effort needed is to change the laws and create the transparency to watch the watchmen
  * Lawrence Lessig - The Code is Law
  * There is a guidebook available from Riseup 
     * You can download it from Tor
  * Advice
     * Be wary of proprietary tools and information
     * Nothing is perfect, but better we try
     * Take the necessary precautions to protect those around you